ctubbsii commented on a change in pull request #427:
URL: https://github.com/apache/fluo-muchos/pull/427#discussion_r780048461
##########
File path: lib/muchos/config/base.py
##########
@@ -480,13 +506,51 @@ def checksum_ver(self, software, version):
)
key = "{0}:{1}".format(software, version)
- if key not in self.checksums_d:
- exit(
- "ERROR - Failed to find checksums for {} {} in {}".format(
- software, version, self.checksums_path
- )
+ # we first check if there is a tarball in conf/upload for this software
+ local_tarball_path = self.get_local_tarball_path(software)
+ if local_tarball_path is not None and exists(local_tarball_path):
+ if "-SNAPSHOT" in local_tarball_path:
+ # compute checksum for SNAPSHOT tarballs and use that
+ local_tarball_sha512 = sha512()
+ with open(local_tarball_path, "rb") as tarball_contents:
+ file_buffer = tarball_contents.read(65536)
+ while len(file_buffer) > 0:
+ local_tarball_sha512.update(file_buffer)
+ file_buffer = tarball_contents.read(65536)
+ return f"sha512:{local_tarball_sha512.hexdigest()}"
+
+ # if a local tarball exists, we need either an entry in
+ # conf/checksums, or a .sha512 file
+ if key not in self.checksums_d:
+ # if a local tarball exists but no checksum in conf/checksums
+ # see if we have a .sha512 file to use
+ sha512_path = local_tarball_path + ".sha512"
+ if exists(sha512_path):
+ with open(sha512_path, "r") as sha512_file:
+ # replace all whitespace in the sha512 file
+ sha512_contents = re.sub(
+ r"\s+", "", sha512_file.read()
+ )
+
+ # since the sha512 files have varied structures
+ # we first check that the exact tarball file name is
+ # found, and if so, we will extract the sha512 hash
+ if basename(local_tarball_path) in sha512_contents:
+ match_result = re.search(
+ "(?P<hash>[a-fA-F0-9]{128})", sha512_contents
Review comment:
Searching the contents for a 128 character hash anywhere with this regex
cleverly avoids parsing the different file formats, but my brain is thinking of
ways to break this logic with some fun release tarball versioning schemes
:smiley_cat:
I think this is probably fine, but I'm not sure we actually needed all this
logic to read the arbitrary file formats, when users could just put the hash
for anything they put in the uploads directory in the checksums file instead...
leaving the job of parsing the crazy formats that some projects use to the user
to deal with in their checksum config file. It'd be far simpler to omit this
feature.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
